Abstract — In Wireless Sensor Networks (WSNs), most of the existing key management schemes establish shared keys for all pairs of neighbouring sensor nodes without considering whether those nodes ever communicate. As the number of sensor nodes grows, each node has to be loaded with a bulky set of keys. In practice a sensor node communicates with only a small set of its neighbours. Based on this fact, this paper develops an energy efficient Traffic-Aware Key Management (TKM) scheme for WSNs, which establishes shared keys only for active sensors that take part in direct communication. The proposed scheme offers an efficient re-keying mechanism that broadcasts keys without retransmissions or acknowledgements. Numerical results show that the proposed key management scheme achieves high connectivity. In the simulation experiments the scheme is applied on top of different routing protocols. The performance evaluation shows that the proposed scheme gives stronger resilience, lower energy consumption and lower end-to-end delay.



Index Terms — Wireless Sensor Network, Key Management, Key Pre-distribution, Re-keying

I. Introduction
The use of wireless sensor networks as a tool for data aggregation and data processing has become increasingly efficient and popular. These networks aid in the monitoring of everyday activities and environmental conditions, and allow cost effective administration of remote and hazardous locations. The close interaction of WSNs with their physical environment and the unattended deployment of sensor nodes in hostile environments make WSNs highly vulnerable to attack. Providing security in wireless sensor networks is therefore considered a difficult task.

A WSN is built from a large number of small battery powered devices with limited energy, memory, computation and communication capabilities. Because of these limited resources, key management approaches used in ad hoc and other wireless networks cannot be applied directly to WSNs. The literature shows that a reasonable and accepted solution for key management in WSNs is to distribute randomly generated keys to each sensor node before deployment.



In wireless sensor networks a sensor node may communicate with only a small set of neighbouring sensor nodes. Most of the existing key management schemes do not take this communication pattern into account: they establish shared keys for all pairs of neighbouring sensor nodes. As the number of sensor nodes grows, a large number of keys has to be loaded into each sensor node, which in turn causes more energy consumption. If two nearby sensor nodes are rarely in the active state at the same time, assigning them a shared key is unnecessary, since the key will hardly ever be used.

In this paper a Traffic-Aware Key Management (TKM) scheme is proposed for WSNs, which establishes shared keys only for active sensor nodes that take part in direct communication, based on the topology information of the network. To announce the state of a sensor node, the RTS/CTS control frames of the underlying MAC protocol are slightly modified. The proposed scheme reduces energy consumption while giving higher connectivity and stronger resilience against node capture.

The paper is organized as follows. Section II gives a brief literature review of key management schemes for WSNs. Section III summarizes the threats to wireless sensor networks. Section IV describes the proposed key pre-distribution scheme. Section V gives the performance evaluation in terms of numerical and simulation results. Section VI concludes the paper.

II. Related Work 

Various key management schemes for WSNs have been proposed over the past few years. Wenliang Du et al. [2004] proposed key management using deployment knowledge. Alan Price et al. [2004] proposed authentication and key distribution in one set of protocols. For Distributed Sensor Networks (DSNs) an alternative to the random key pre-distribution scheme was proposed by Siu-Ping Chan et al. [2005]. Rui Miguel Soares Silva et al. [2006] proposed a scheme that uses properties of chaotic systems to overcome the disadvantages of conventional symmetric key systems. A grid-group deployment scheme was proposed by Dijiang Huang et al. [2004]. "PKM", an in-situ key management protocol for sensor networks, was proposed by F. Cheng et al. [2005]. Jaemin Park et al. [2005] proposed a random key pre-distribution scheme.

Neighbour-based authentication is also covered in the literature. Sanzgiri et al. [2002] proposed a scheme in which the hash value of the packet is compared with the decrypted value; the current node removes the previous node's certificate and forwards the packet with its own certificate attached. In Ariadne, proposed by Hu et al. [2002], both the target and the intermediate participants take part in authenticating the routing data. Every node on the source-destination path authenticates the routing information during route discovery with the aid of a TESLA key, as proposed by Perrig et al. [2002].

The majority of these schemes use public key cryptography to attain security. Since the sensor nodes in a wireless sensor network are resource constrained, the use of public key cryptography in WSNs is not feasible.

Routing protocols for wireless networks are also described in the literature. Charles E. Perkins et al. [1999] proposed AODV (Ad Hoc On-Demand Distance Vector Routing), a reactive routing protocol. The proactive routing protocol DSDV (Destination Sequenced Distance Vector Routing) was proposed by Charles E. Perkins et al. [1994], and DSR (Dynamic Source Routing) was proposed by David B. Johnson et al. [2002]. LEACH, a hierarchical routing protocol, forms clusters to reduce the energy consumed. In PEGASIS, another routing protocol of this type, each sensor node communicates only with a close neighbour and the nodes take turns transmitting to the base station, which again reduces energy consumption.

III. Threats to Wireless Sensor Networks 

Most network layer attacks against sensor networks fall into one of the following categories [19]:

• Spoofed, altered, or replayed routing information
• Selective forwarding
• Sinkhole attacks
• Sybil attacks
• Wormholes
• HELLO flood attacks
• Acknowledgement spoofing
• Node capture attacks

A. Spoofed, altered, or replayed routing information 

The most direct attack against a routing protocol is to target the routing information exchanged between nodes. By spoofing, altering, or replaying routing information, adversaries may be able to create routing loops, attract or repel network traffic, extend or shorten source routes, generate false error messages, partition the network, increase end-to-end latency, and so on.

B. Selective Forwarding 

In a selective forwarding attack, malicious nodes 
may refuse to forward certain messages and simply 
drop them, ensuring that they are not propagated any 
further. A simple form of this attack is when a 
malicious node behaves like a black hole and refuses to 
forward every packet she sees. A more subtle form of 
this attack is when an adversary selectively forwards 
packets. Selective forwarding attacks are typically most 
effective when the attacker is explicitly included on the 
path of a data flow. However, it is conceivable an 
adversary overhearing a flow passing through 
neighboring nodes might be able to emulate selective 
forwarding by jamming or causing a collision on each 
forwarded packet of interest. 

C. Sinkhole Attack 

In a sinkhole attack, the adversary's goal is to lure 
nearly all the traffic from a particular area through a 
compromised node, creating a metaphorical sinkhole 
with the adversary at the center. Because nodes on, or 
near, the path that packets follow have many 
opportunities to tamper with application data, sinkhole 
attacks can enable many other attacks. Sinkhole attacks 
typically work by making a compromised node look 
especially attractive to surrounding nodes with respect 
to the routing algorithm. One motivation for mounting 
a sinkhole attack is that it makes selective forwarding 
trivial. 

D. Sybil Attack 

In a Sybil attack, a single node presents multiple 
identities to other nodes in the network. The Sybil 
attack can significantly reduce the effectiveness of 
fault-tolerant schemes such as distributed storage, 
dispersity and multipath routing, and topology 
maintenance. Replicas, storage partitions, or routes 
believed to be using disjoint nodes could in actuality be 
using a single adversary presenting multiple identities. 
Sybil attacks also pose a significant threat to 
geographic routing protocols. 

E. Wormhole Attack 

In the wormhole attack, an adversary tunnels 
messages received in one part of the network over a 
low-latency link and replays them in a different part. 
The simplest instance of this attack is a single node 
situated between two other nodes forwarding messages 
between the two of them. However, wormhole attacks more commonly involve two distant malicious nodes colluding to understate their distance from each other by relaying packets along an out-of-band channel available only to the attacker.

F. HELLO Flood Attack 

A novel attack against sensor networks is the HELLO flood attack. Many protocols require nodes to broadcast HELLO packets to announce themselves to their neighbours, and a node receiving such a packet may assume that it is within (normal) radio range of the sender. This assumption may be false: a laptop-class attacker broadcasting routing or other information with large enough transmission power could convince every node in the network that the adversary is its neighbour. An adversary does not necessarily need to be able to construct legitimate traffic in order to mount a HELLO flood; it can simply rebroadcast overheard packets with enough power to be received by every node in the network. HELLO floods can also be thought of as one-way, broadcast wormholes.

G. Acknowledgement Spoofing 

Several sensor network routing algorithms rely on 
implicit or explicit link layer acknowledgements. Due 
to the inherent broadcast medium, an adversary can 
spoof link layer acknowledgments for "overheard" 
packets addressed to neighboring nodes. Goals include 
convincing the sender that a weak link is strong or that 
a dead or disabled node is alive. Since packets sent 
along weak or dead links are lost, an adversary can 
effectively mount a selective forwarding attack using 
acknowledgement spoofing by encouraging the target 
node to transmit packets on those links. 

H. Node Capture Attacks 

The combination of passive, active and physical attacks used by a malicious user to seize or corrupt the network and take control of a node is known as a "node capture attack" [20]. The malicious user may inject replicated or corrupted information into the node, which can cause the whole network or link to malfunction. Node capture attacks are possible because wireless nodes are left unattended and tamper-proof hardware is too expensive for portable devices [21]. The threats posed by a compromised (captured) node are much more severe than attacks from outside the network. As mobile nodes are autonomous and can join or leave a network at will, it is hard to keep track of such nodes constantly.

When a node is under attack or compromised, its keys are exposed to the intruder. Under such a condition the keys of other nodes are also in a compromised state, since the same keys are used by those nodes.

In this paper replay attack and node capture attacks 
are considered. 

IV. Proposed Key Management Scheme 

The proposed key management scheme is based on the state of the sensor nodes. The state of a sensor node is one of three types: Current Transmitting Node (CTN), Transmitting Node (TN) and Non-Transmitting Node (NTN).

In the proposed scheme the RTS/CTS control frames are slightly modified from the original MAC protocol, so that a node can be informed that its state has changed to TN or NTN for the corresponding period.

Figure 1. a) The original RTS and CTS frames (10 bytes: Length, Type, To Addr, From Addr, Duration (NAV), CRC)
Figure 1. b) The modified RTS and CTS frames

The modified RTS and CTS frames add only one field of two bytes to the original frame. The bytes added to the RTS carry the destination address, and the bytes added to the CTS carry the TN address.

Figure 2. Classification of node states

Referring to Figure 2, when node B receives A's modified RTS frame, which includes the destination address of the sink, its routing agent looks up the routing table for the next TN (node C) and reports it back to the MAC. Node B then transmits a modified CTS frame naming node C, which changes its state to TN, while the other neighbouring nodes learn that they are NTN nodes. If no next hop is found, the routing path is broken or has not yet been established.
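The frame format and the state transitions described above, written out as an added example; this is not code from the original paper. Figure 1 only names the fields, so the field widths (1-byte Length and Type, 2-byte addresses, Duration and CRC, giving the 10-byte original frame), the type codes, the CRC stand-in (low 16 bits of CRC-32) and the node numbering are all assumptions.

```python
import struct
import zlib

# Assumed type codes and field widths: Length 1, Type 1, To 2, From 2,
# Duration/NAV 2, CRC 2 (10 bytes).  The modified frame appends one 2-byte address.
RTS_TYPE, CTS_TYPE = 0x1B, 0x1C
CRC_LEN = 2


def _crc16(data: bytes) -> int:
    # Stand-in for the frame CRC: low 16 bits of CRC-32 (an assumption).
    return zlib.crc32(data) & 0xFFFF


def build_frame(ftype, to_addr, from_addr, nav, extra_addr=None):
    """Original frame when extra_addr is None, modified frame otherwise.
    For an RTS the extra field is the final destination, for a CTS the next TN."""
    fields = struct.pack(">BHHH", ftype, to_addr, from_addr, nav)
    if extra_addr is not None:
        fields += struct.pack(">H", extra_addr)
    body = struct.pack(">B", 1 + len(fields) + CRC_LEN) + fields  # Length covers the whole frame
    return body + struct.pack(">H", _crc16(body))


def parse_frame(raw: bytes) -> dict:
    """Length and CRC are checked before any field is trusted."""
    if len(raw) < 10 or raw[0] != len(raw):
        raise ValueError("length field does not match frame size")
    body, crc = raw[:-CRC_LEN], struct.unpack(">H", raw[-CRC_LEN:])[0]
    if crc != _crc16(body):
        raise ValueError("CRC mismatch")
    ftype, to_addr, from_addr, nav = struct.unpack(">BHHH", body[1:8])
    extra = struct.unpack(">H", body[8:10])[0] if len(body) >= 10 else None
    return {"type": ftype, "to": to_addr, "from": from_addr, "nav": nav, "extra": extra}


def on_rts(self_id, raw, routing_table, neighbors):
    """Node B handling A's modified RTS (the Figure 2 walk-through): look up the
    next hop toward the carried destination and answer with a modified CTS that
    names it as TN; every other neighbour of B becomes NTN.
    Returns (cts_frame, new_states), or (None, {}) when no route exists."""
    f = parse_frame(raw)
    if f["type"] != RTS_TYPE or f["to"] != self_id or f["extra"] is None:
        return None, {}
    next_hop = routing_table.get(f["extra"])
    if next_hop is None:              # route broken or not yet established
        return None, {}
    cts = build_frame(CTS_TYPE, f["from"], self_id, f["nav"], extra_addr=next_hop)
    states = {n: ("TN" if n == next_hop else "NTN") for n in neighbors if n != f["from"]}
    return cts, states


def on_cts(self_id, raw):
    """A neighbour overhearing the CTS becomes TN only if it is the named node."""
    f = parse_frame(raw)
    if f["type"] != CTS_TYPE:
        return None
    return "TN" if f["extra"] == self_id else "NTN"


if __name__ == "__main__":
    A, B, C, D, SINK = 1, 2, 3, 4, 99          # constructed node ids
    rts = build_frame(RTS_TYPE, B, A, 300, extra_addr=SINK)
    cts, states = on_rts(B, rts, {SINK: C}, neighbors=[A, C, D])
    print(len(rts), parse_frame(cts)["extra"], states)
```

Nothing in either frame authenticates its sender: the RTS/CTS exchange is an unprotected MAC-layer control frame, so the state change, and with it the decision of which links receive keys, rests on the same trust as the routing information discussed in Section III.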

The proposed key management scheme consists of the following phases:

i. Initial setup phase
ii. Pre-distribution phase
iii. Shared key discovery phase
iv. Path key establishment phase
v. Re-keying phase

A. Initial Setup 

Two keys, the node key K and the network key NK, are used in this scheme. The node key K is used by an individual sensor node for its own encryption and decryption. The network key NK is shared by the key server and all sensor nodes, and is the key under which the key server distributes node keys (the INIT packet of the re-keying phase is encrypted with it).

Sensor nodes agree on the following system 
parameters used in the protocol. The system parameters 
include 
Global Key Pool: Defined as a pool of random symmetric keys from which the group key pools are generated. Keys are generated as a chain using a one-way function F, with n chosen to be large:

K_i = F(K_{i+1}), i = 1, 2, 3, ..., n-1

Group Key Pool: Defined as a subset of Global key 
pool for a given group. 

Key Ring: Defined as a subset of group key pool, 
which is independently assigned to each sensor node. 

Key-Sharing Graph: Let V represent all the nodes in the WSN. A key-sharing graph G(V, E) is constructed in the following manner: for any two nodes i and j in V there exists an edge between them if and only if (1) nodes i and j have at least one common key, and (2) nodes i and j can reach each other within wireless transmission range, i.e., in a single hop.

B. Key Pre-Distribution Phase

This phase is performed off-line, before the deployment of the sensor nodes. First the group key pools G_i (i = 1, 2, ..., k) are produced from the global key pool S. Then each sensor node in a group is assigned a key ring drawn from its group key pool G_i, along with a variable identifying that ring.

C. Shared-Key Discovery Phase

This phase finds a secure link between two sensor nodes. A sensor node identifies the keys in its key ring and then verifies which of them the neighbouring CTN and TN nodes also hold; the shared key becomes the key for that link. Repeating this step across the whole sensor network creates the key-sharing graph. A CTN node completes the shared-key discovery phase as soon as it finds a TN node among its neighbours.

D. Path-Key Establishment Phase

Sensor nodes that do not share a key in their key rings can still form path keys with their neighbours. If the key-sharing graph is connected, a path can be established from a source sensor node to other CTN and TN sensor nodes. The source node generates a path key and sends it securely along that path to the target sensor node.
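Phases B to D above, together with the resilience metric of Section V, as an added example that is not the paper's code. The pool and ring sizes, node coordinates, node states and the one-hop radio range are constructed inputs, and using the lowest shared key identifier as the link key is an assumption the paper does not make.

```python
import math
import random
from collections import deque
from itertools import combinations

RADIO_RANGE = 100.0          # assumed single-hop range, arbitrary units
ACTIVE = ("CTN", "TN")       # only these states take part in shared-key discovery


def make_group_pools(global_pool_size, group_count, group_size, rng):
    """Global pool S of random symmetric keys; each group pool G_i is a subset of S."""
    S = [rng.getrandbits(64) for _ in range(global_pool_size)]
    return S, [rng.sample(S, group_size) for _ in range(group_count)]


def assign_key_rings(nodes, group_pools, ring_size, rng):
    """Pre-distribution (off-line): every node gets a ring drawn from its group pool."""
    return {n["id"]: frozenset(rng.sample(group_pools[n["group"]], ring_size)) for n in nodes}


def key_sharing_graph(nodes, rings, active_only=True):
    """Shared-key discovery: edge (i, j) iff one hop apart and the rings intersect.
    With active_only the TKM rule applies and NTN nodes receive no link key."""
    edges = {}
    for a, b in combinations(nodes, 2):
        if active_only and not (a["state"] in ACTIVE and b["state"] in ACTIVE):
            continue
        if math.dist(a["pos"], b["pos"]) > RADIO_RANGE:
            continue
        common = rings[a["id"]] & rings[b["id"]]
        if common:
            edges[frozenset((a["id"], b["id"]))] = min(common)   # link key (assumption)
    return edges


def path_key_route(edges, src, dst):
    """Path-key establishment: shortest chain of secure links, or None if disconnected."""
    adj = {}
    for e in edges:
        u, v = tuple(e)
        adj.setdefault(u, set()).add(v)
        adj.setdefault(v, set()).add(u)
    prev, queue = {src: None}, deque([src])
    while queue:
        u = queue.popleft()
        if u == dst:
            path = []
            while u is not None:
                path.append(u)
                u = prev[u]
            return path[::-1]
        for v in sorted(adj.get(u, ())):
            if v not in prev:
                prev[v] = u
                queue.append(v)
    return None


def compromised_fraction(edges, rings, captured):
    """Resilience metric: fraction of links between uncompromised nodes whose link
    key the adversary learns from the rings of the captured nodes."""
    captured = set(captured)
    known = set().union(*(rings[c] for c in captured)) if captured else set()
    clean = [k for e, k in edges.items() if not (e & captured)]
    return sum(1 for k in clean if k in known) / len(clean) if clean else 0.0


def demo(node_count=30, seed=7):
    """Constructed random deployment: links keyed under the TKM rule versus keying
    every neighbour pair, and the effect of capturing three nodes."""
    rng = random.Random(seed)
    states = ["CTN", "TN", "TN", "NTN", "NTN", "NTN"]
    nodes = [{"id": i, "group": i % 3, "pos": (rng.uniform(0, 300), rng.uniform(0, 300)),
              "state": states[i % len(states)]} for i in range(node_count)]
    _, pools = make_group_pools(300, 3, 120, rng)
    rings = assign_key_rings(nodes, pools, 25, rng)
    tkm = key_sharing_graph(nodes, rings, True)
    every = key_sharing_graph(nodes, rings, False)
    return {"links_tkm": len(tkm), "links_all_pairs": len(every),
            "compromised_tkm": compromised_fraction(tkm, rings, [0, 1, 2])}


if __name__ == "__main__":
    print(demo())
```

The TKM graph is always a subgraph of the all-pairs graph, so fewer link keys exist to be exposed; the price is that a path key between two CTN/TN nodes can only be relayed through other active nodes.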

E. Re-keying Phase 

This phase uses two control packets, INIT and UPDATE. The command node prepares a control packet INIT which contains

INIT : ( L, K_{i+1}, T_rekey ), MAC( L, K_{i+1}, T_rekey )

L - length of the key
K_{i+1} - initial key of the chain handed to the nodes
T_rekey - re-keying interval of K_i

This control packet is encrypted with the network key NK and sent to every sensor node:

Command node → group : E_NK( INIT )

Once the INIT packet is received, a sensor node resets all previous keys. It then calculates the keys K_i, ..., K_1 from K_{i+1} using K_i = F(K_{i+1}). The subsequent keys in the key sequence are broadcast by the command node periodically with the aid of the UPDATE control packet, so that the node keys are disclosed by the command node in a periodic manner to all nodes in the group. At time T_start + T_rekey the server broadcasts UPDATE packets containing K_{i+L+2}, i = 1, 2, ..., n - L - 2:

Command node → group : E_{K_{i+1}}( K_{i+L+2} )

where K_{i+1} is the active encryption key at the time the UPDATE packet is broadcast.

An UPDATE packet is discarded once the node detects that it is not from its own server. Otherwise the UPDATE packet is rebroadcast to all the neighbours.
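The INIT/UPDATE exchange above, as an added example that is not the paper's code. The paper does not name its one-way function, MAC or cipher, so SHA-256 for F, HMAC-SHA256 for the MAC, and an HMAC-based keystream with an encrypt-then-MAC tag standing in for E_K(.) are assumptions, as is carrying the index of the disclosed key inside the UPDATE packet. The example also adds the check a node should make on a disclosed key: hashing it back along the chain to a key it already holds.

```python
import hashlib
import hmac
import os
import struct

KEY_LEN, TAG_LEN, NONCE_LEN = 32, 32, 12


def F(key: bytes) -> bytes:
    """One-way function of the chain, K_i = F(K_{i+1}); SHA-256 is an assumption."""
    return hashlib.sha256(key).digest()


def make_key_chain(seed: bytes, n: int) -> list:
    """chain[i] holds K_i for i = 1..n; K_n is the random seed, chain[0] is unused."""
    chain = [b""] * (n + 1)
    chain[n] = seed
    for i in range(n - 1, 0, -1):
        chain[i] = F(chain[i + 1])
    return chain


def _keystream(ek: bytes, nonce: bytes, length: int) -> bytes:
    return b"".join(hmac.new(ek, nonce + c.to_bytes(4, "big"), hashlib.sha256).digest()
                    for c in range(length // 32 + 1))[:length]


def encrypt(key: bytes, plaintext: bytes) -> bytes:
    """Stand-in for the paper's unspecified E_key(.): HMAC keystream, encrypt-then-MAC."""
    ek, mk = hmac.new(key, b"enc", hashlib.sha256).digest(), hmac.new(key, b"mac", hashlib.sha256).digest()
    nonce = os.urandom(NONCE_LEN)
    ct = bytes(p ^ s for p, s in zip(plaintext, _keystream(ek, nonce, len(plaintext))))
    return nonce + ct + hmac.new(mk, nonce + ct, hashlib.sha256).digest()


def decrypt(key: bytes, blob: bytes) -> bytes:
    ek, mk = hmac.new(key, b"enc", hashlib.sha256).digest(), hmac.new(key, b"mac", hashlib.sha256).digest()
    nonce, ct, tag = blob[:NONCE_LEN], blob[NONCE_LEN:-TAG_LEN], blob[-TAG_LEN:]
    if not hmac.compare_digest(tag, hmac.new(mk, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("authentication tag mismatch")
    return bytes(c ^ s for c, s in zip(ct, _keystream(ek, nonce, len(ct))))


class CommandNode:
    def __init__(self, nk, chain, L, t_rekey):
        self.nk, self.chain, self.L, self.t_rekey = nk, chain, L, t_rekey

    def init_packet(self, i):
        """INIT: (L, K_{i+1}, T_rekey) plus its MAC, all encrypted under NK."""
        body = struct.pack(">HI", self.L, self.t_rekey) + self.chain[i + 1]
        return encrypt(self.nk, body + hmac.new(self.nk, body, hashlib.sha256).digest())

    def update_packet(self, i):
        """UPDATE: E_{K_{i+1}}(K_{i+L+2}); the index j is carried explicitly (assumption)."""
        j = i + self.L + 2
        return encrypt(self.chain[i + 1], struct.pack(">I", j) + self.chain[j])


class SensorNode:
    def __init__(self, nk):
        self.nk, self.keys, self.top = nk, {}, 0    # keys: index -> K_index; top: highest held

    def handle_init(self, packet, i):
        plain = decrypt(self.nk, packet)
        body, mac = plain[:-TAG_LEN], plain[-TAG_LEN:]
        if not hmac.compare_digest(mac, hmac.new(self.nk, body, hashlib.sha256).digest()):
            raise ValueError("INIT MAC check failed")
        self.L, self.t_rekey = struct.unpack(">HI", body[:6])
        self.keys = {}                                # reset all previous keys
        self._absorb(i + 1, body[6:], down_to=1)      # K_{i+1} -> K_i -> ... -> K_1

    def handle_update(self, packet, i):
        plain = decrypt(self.keys[i + 1], packet)     # K_{i+1} is the active key
        j, kj = struct.unpack(">I", plain[:4])[0], plain[4:]
        if j <= self.top:
            raise ValueError("stale UPDATE")
        self._absorb(j, kj, down_to=self.top)
        return j

    def _absorb(self, j, kj, down_to):
        """Walk from K_j back to K_down_to with F.  F is one-way, so a forged K_j
        does not hash to a key the node already trusts and is rejected."""
        derived, k = {j: kj}, kj
        for idx in range(j - 1, down_to - 1, -1):
            k = F(k)
            derived[idx] = k
        if down_to in self.keys and derived[down_to] != self.keys[down_to]:
            raise ValueError("disclosed key is not on the chain")
        self.keys.update(derived)
        self.top = j


def run_demo(n=40, L=8, t_rekey=30):
    """Constructed run: INIT at i = 3, two UPDATEs, then a forged UPDATE from an
    adversary who holds the active key K_5 but not the rest of the chain."""
    nk, chain = os.urandom(KEY_LEN), make_key_chain(os.urandom(KEY_LEN), n)
    cn, node = CommandNode(nk, chain, L, t_rekey), SensorNode(nk)
    node.handle_init(cn.init_packet(3), 3)          # node holds K_1..K_4
    node.handle_update(cn.update_packet(3), 3)      # K_13 under K_4, fills K_5..K_13
    node.handle_update(cn.update_packet(4), 4)      # K_14 under K_5
    forged = encrypt(chain[5], struct.pack(">I", 15) + os.urandom(KEY_LEN))
    try:
        node.handle_update(forged, 4)
        forged_accepted = True
    except ValueError:
        forged_accepted = False
    return {"top": node.top, "keys_held": len(node.keys),
            "k1_matches": node.keys[1] == chain[1], "forged_accepted": forged_accepted}
```

The chain check is what makes the broadcast safe without acknowledgements: a captured node yields the keys it holds, but cannot produce a future K_j that hashes back onto the chain, so other nodes reject any UPDATE it forges even though it can decrypt the real ones.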

V. Performance Evaluation 

A. Evaluation Metrics 

The following evaluation metrics are considered for the proposed scheme:

Connectivity: The probability that two sensors share at least one common key in a given time interval should be high, and should be reached with a small number of keys.

Resilience against Node Capture: If a node inside the sensor network is captured, the key establishment technique should limit how much secret information about other nodes is exposed.

Any efficient key management scheme for WSNs should have high connectivity and strong resilience.

B. Numerical Results 

Connectivity

Connectivity is defined as the probability (P_s) that two sensor nodes in the TN or CTN state share at least one common key after deployment in a given time interval.

Let φ be the set of all sensor node groups, and let two nodes N_i and N_j be selected from groups G_i and G_j of φ. The probability that N_i and N_j are in the TN state in a given time interval and share at least one common key is P_s. Using Bayes' theorem,



[Equation (1): P_s expressed through Bayes' theorem in terms of P_1(T_i) and P_3(Sh); the formula itself did not survive extraction]   (1)

where P_1(T_i) is the probability that group G_i is active in time interval T_i, and P_3(Sh) is the probability that two nodes share at least one common key.

The probability that two nodes are in the TN state in a given time interval T_i is calculated from the activity distribution p(t_m):

[Equation (2): only the factors e^{...} and x! survive extraction]   (2)

Therefore the active probability of G_i in T_i can be found as the difference of two integrals of p(t):

[Equation (3): garbled in extraction]   (3)



The probability that two nodes share at least one common key is expressed as

1 - Pr[two sensors do not share any key].   (4)

Consider

Total size of each group pool = M
Shared keys = Sh(M)
Non-shared keys = M - Sh(M)

Let n1 and n2 be two sensor nodes. Node n1 selects x keys from the Sh(M) shared keys and y keys from the M - Sh(M) non-shared keys; node n2 then selects its z keys from the remaining (M - x) keys. Pr[two sensors do not share any key] follows from these counts (the closed form did not survive extraction).

Figure 3. Connectivity vs. number of keys

Figure 3 gives the connectivity with respect to the number of keys in each sensor. The proposed scheme is compared with the existing random key pre-distribution scheme of Mohamed F. Younis et al. [2006]. The proposed scheme needs fewer keys to achieve the same probability.
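The connectivity quantity set up above, carried through as an added worked example; the paper's own closed form for equations (1) to (3) is not on the page, so what follows is the editor's derivation for the setting the text describes (two group pools of M keys with Sh(M) keys in common, rings of k keys), not the paper's formula. Treating the two nodes' activity as independent with probability p_active each stands in for P_1(T_i) and is an assumption. With Sh(M) = M this reduces to the usual single-pool random pre-distribution result, C(M-k, k)/C(M, k).

```python
from math import comb
import random


def p_no_shared_key(M: int, sh: int, k: int) -> float:
    """Pr[two rings are disjoint]. Node n1's ring lands x keys in the shared part
    of the pool (hypergeometric); node n2, drawing k from its own M keys, must then
    avoid exactly those x keys."""
    if k > M:
        raise ValueError("ring larger than pool")
    total = 0.0
    for x in range(max(0, k - (M - sh)), min(k, sh) + 1):
        p_x = comb(sh, x) * comb(M - sh, k - x) / comb(M, k)
        total += p_x * comb(M - x, k) / comb(M, k)
    return total


def connectivity(M: int, sh: int, k: int, p_active: float) -> float:
    """P_s: both nodes active (independently, probability p_active each, an
    assumption) and at least one common key, i.e. 1 - Pr[no shared key]."""
    return p_active ** 2 * (1.0 - p_no_shared_key(M, sh, k))


def ring_size_for(M: int, sh: int, target: float, p_active: float):
    """Smallest ring size whose P_s reaches the target (the question behind Figure 3)."""
    for k in range(1, M + 1):
        if connectivity(M, sh, k, p_active) >= target:
            return k
    return None


def monte_carlo_share(M: int, sh: int, k: int, trials: int, seed: int = 0) -> float:
    """Check of the closed form on constructed pools: two pools of M keys whose
    identifiers overlap in exactly sh keys."""
    rng = random.Random(seed)
    pool1, pool2 = range(0, M), range(M - sh, 2 * M - sh)      # overlap = [M-sh, M)
    hits = 0
    for _ in range(trials):
        ring1 = set(rng.sample(pool1, k))
        hits += any(key in ring1 for key in rng.sample(pool2, k))
    return hits / trials


if __name__ == "__main__":
    for k in (3, 5, 8):
        print(k, connectivity(100, 60, k, 0.7), ring_size_for(100, 60, 0.5, 1.0))
    print(1 - p_no_shared_key(10, 6, 3), monte_carlo_share(10, 6, 3, 20000))
```

The sum over x is what the text's "x keys from Sh(M), then z keys from (M - x)" wording leads to; fewer shared keys between the two group pools pushes Pr[no shared key] up, which is why the group pools must overlap enough for cross-group links to exist at all.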

C. Simulation Results 

The NS-2 simulator is used with the following settings:

• Maximum number of nodes: 80
• Deployment area: 500 m x 500 m
• Simulation time: 100 seconds
• Transmission range of 250 metres with Constant Bit Rate (CBR) traffic

The proposed key management scheme is applied with the routing protocols DSDV, LEACH and PEGASIS and simulated to obtain resilience, energy consumption and end-to-end delay.

Effects of Resilience against Node Capture

An adversary can attack a sensor node after it is deployed in order to read its information. Resilience is used to measure how a successful attack on n sensor nodes affects the rest of the network. It is calculated as the fraction of communication among the uncompromised nodes that an adversary can compromise using the information retrieved from the n captured nodes. Using the routing protocols DSDV, LEACH and PEGASIS, resilience is measured for the proposed TKM scheme with varying numbers of nodes and attackers and compared with SHELL, proposed by Mohamed F. Younis et al. [2006].



Figure 4.a. Resilience vs. nodes, TKM-DSDV (resilience for various attackers)
Figure 4.b. Resilience vs. nodes, TKM-LEACH (curves LEACH-5, LEACH-10, LEACH-15, LEACH-20 attackers; x axis: nodes 20 to 80; y axis: resilience 0 to 1)
Figure 4.c. Resilience vs. nodes, TKM-PEGASIS (resilience for various attackers)
Figure 4.d. Resilience vs. nodes, SHELL

Figure 4.a shows the resilience of TKM with the routing protocol DSDV. As the number of nodes increases from 20 to 80 and the number of attackers from 5 to 20, the resilience is reduced by 55% to 61%.

Figure 4.b shows the resilience of TKM with the routing protocol LEACH. As the number of nodes increases from 20 to 80 and the number of attackers from 5 to 20, the resilience is reduced by 79% to 81%.

Figure 4.c shows the resilience of TKM with the routing protocol PEGASIS. As the number of nodes increases from 20 to 80 and the number of attackers from 5 to 20, the resilience is reduced by 86% to 88%.

Figure 4.d shows the resilience of SHELL. As the number of nodes increases from 20 to 80 and the number of attackers from 5 to 20, the resilience is reduced by only 28% to 38%.

From Figures 4.a to 4.d the authors conclude that resilience is best with TKM-PEGASIS, which is therefore considered more secure than TKM with LEACH or DSDV and than SHELL.

Effects of Energy Consumption against Node Capture

The energy consumed by the network is obtained by varying the total number of nodes and attackers with TKM using the routing protocols DSDV, LEACH and PEGASIS. The proposed TKM scheme is compared with SHELL.

Figure 5.a. Energy consumption vs. nodes, TKM-DSDV
Figure 5.b. Energy consumption vs. nodes, TKM-LEACH

Figure 5.a shows the energy consumed with TKM-DSDV. As the number of nodes increases from 20 to 80 and the number of attackers from 5 to 20, the energy consumed is reduced by 43% to 47% compared with SHELL.

Figure 5.b shows the energy consumed with TKM-LEACH. As the number of nodes increases from 20 to 80 and the number of attackers from 5 to 20, the energy consumed is reduced by 58% to 62% compared with SHELL.

Figure 5.c shows the energy consumed with TKM using the routing protocol PEGASIS. As the number of nodes increases from 20 to 80 and the number of attackers from 5 to 20, the energy consumed is reduced by 69% to 71% compared with SHELL.

Figure 5.c. Energy consumption vs. nodes, TKM-PEGASIS (energy for various attackers)
Figure 5.d. Energy consumption vs. nodes, SHELL

From figure 5. a to 5.d it is observed that TKM- 
PEGASIS consumes less energy for specific 
transmission when compared with TKM using 
LEACH, DSDV and SHELL. 



Effects of End-to-End Delay against Node Capture

Figure 6.a. Delay vs. attackers, TKM-DSDV (delay for various attackers)

Figure 6.a shows that the end-to-end delay is reduced by 49% to 63% with TKM-DSDV compared with SHELL as the number of nodes increases from 20 to 80 and the number of attackers from 5 to 20.

Figure 6.b shows that the end-to-end delay is reduced by 54% to 61% with TKM-LEACH compared with SHELL as the number of nodes increases from 20 to 80 and the number of attackers from 5 to 20.

Figure 6.c shows that the end-to-end delay is reduced by 61% to 65% with TKM-PEGASIS compared with SHELL as the number of nodes increases from 20 to 80 and the number of attackers from 5 to 20.

Figure 6.b. Delay vs. attackers, TKM-LEACH (delay for various attackers)
Figure 6.c. Delay vs. attackers, TKM-PEGASIS
Figure 6.d. Delay vs. attackers, SHELL (x axis: nodes 20 to 80)

From figure 6.a-d it is observed that end to end delay 
is reduced more in TKM-PEGASIS when compared 
with TKM using LEACH, DSDV and SHELL. 

VI. Conclusion 

The proposed scheme establishes shared keys only for active sensor nodes that take part in direct communication, based on the topological information of the network. It provides seamless re-keying without disrupting the ongoing security process. Numerical results show that the proposed scheme achieves high connectivity. The scheme was simulated with different routing protocols, and the performance analysis shows that the proposed key management scheme TKM with PEGASIS achieves stronger resilience, lower energy consumption and lower end-to-end delay when compared with SHELL.